Gaetano Coppoletta

Global Product Security @Oracle - Software Developer

About Me

Hello and welcome to my website!

I am Gaetano Coppoletta, a seasoned software engineer specializing in security engineering, currently working as a Software Developer in Oracle’s Global Product Security team. My role involves managing, designing, and testing security tools to enhance the security of Oracle’s global product ecosystem. With dual Master’s degrees in Computer Engineering and Computer Science, I am passionate about developing innovative security solutions that safeguard critical systems and infrastructure.

My journey in technology began at the prestigious Politecnico di Torino, where I graduated with honors in Computer Engineering. My passion for cybersecurity led me to pursue further studies at the University of Illinois at Chicago, where I conducted extensive research on web and software security as a Research Assistant in the Systems and Internet Security Lab (SISL). My thesis project, OCPPStorm—a fuzzing tool for the Open Charge Point Protocol (OCPP)—exposed critical vulnerabilities in electric vehicle infrastructure, earning recognition at the Network and Distributed System Security (NDSS) Symposium and leading to the identification of six CVEs.

Career and Achievements

At Oracle, I focus on strengthening product security by developing and optimizing security tools that enhance threat detection, vulnerability management, and system integrity. My work ensures that Oracle’s global products maintain the highest security standards, protecting businesses and users worldwide.

Previously, as a security-focused engineer at GorgeousTV, I played a key role in securing a revolutionary AI-driven streaming platform. My contributions ranged from designing authentication mechanisms to implementing robust security controls for data protection. Additionally, my background in cloud infrastructure allowed me to optimize deployment processes, improving efficiency and resilience.

Security Expertise & Contributions
  • Security Tool Development: I design and test advanced security tools to proactively manage vulnerabilities and improve security posture across Oracle’s products.
  • Threat Mitigation & Risk Management: I implement security best practices, ensuring robust defenses against emerging cyber threats.
  • Cloud & Infrastructure Security: My expertise extends to optimizing cloud deployments and securing software systems at scale.

Thank you for visiting my website! I am committed to advancing security engineering and continuously enhancing the protection of digital ecosystems. Feel free to connect to discuss security, technology, and innovation.

Awards & Achievements

Merit Scholarship 2023

Merit Scholarship 2022

Merit Scholarship 2021

Merit Scholarship 2020

Merit Scholarship 2019

Scholarship for Master of Science

Experiences

Work Experience

Software Developer

Oracle - Global Product Security

February 2025 – Current

  • Design, implement, test and maintain security tools.

Technical Co-Founder & CPO

GorgeousTV

September 2023 – November 2024

  • Innovative AI Technology: Leading the charge in digital advertising transformation with exclusive, patented AI solutions.
  • Revolutionary On-Pause Ads: Utilizing advanced AI to revolutionize the integration of contextual product ads within video platforms.
  • Industry Redefinition: Passionately committed to reshaping the advertising landscape, ensuring every video moment is interactively shoppable.
  • Collaborative Excellence: Working closely with a skilled team to set new benchmarks in contextual advertising.
  • Impactful Innovation: Striving to make a lasting impact on the advertising world through cutting-edge technology and creative solutions.
  • Security:
    • Implemented fine-grained security rules for Firestore, securing data for 1,000+ users by enforcing strict read/write permissions, ensuring only authenticated users could access their own data and reducing risks of account takeovers and data breaches.
    • Secured user data using bcrypt for password hashing and salting in Node.js, ensuring OWASP-compliant encryption to prevent unauthorized access.
    • Established GCP IAM policies with granular permissions for microservices, ensuring that only authorized cloud functions could access specific resources, such as limiting access to a database with role-based controls.
    • Utilized Sequelize ORM to manage database interactions, ensuring parameterized queries to secure the system against SQL injection attacks.
    • Configured Kubernetes in the backend to securely connect to the database using a cloud-sql-proxy, blocking all external IP addresses and restricting access to internal services only, adding an extra layer of security to reduce unauthorized access attempts.

Graduate Hourly

University of Illinois at Chicago

June 2023 – December 2023

  • Developed 'OCPPStorm', a comprehensive black box fuzzing tool, capable of testing OCPP implementations across multiple platforms (e.g., Java, .NET), discovering 6 critical vulnerabilities and resulting in the assignment of 6 CVEs.
  • Designed OCPPStorm with three core fuzzing modules (Random Fuzzer, State Machine Fuzzer, and Isla Fuzzer), uncovering vulnerabilities such as improper handling of 'StartTransaction' messages and predictable transaction IDs, leading to CVEs addressing denial-of-service and data integrity issues.
  • Collaborated with a cross-functional team to validate and document vulnerabilities, improving OCPP implementation robustness and advancing industry-wide security practices.

Research Assistant

University of Illinois at Chicago

January 2023 – June 2023

  • Replicated CVEs on open-source Django servers, focusing on SQL injection and Cross-Site Scripting (XSS) vulnerabilities to enhance understanding of exploitation techniques in web applications.
  • Developed a Python script to generate Abstract Syntax Trees, facilitating in-depth security analysis and vulnerability detection in Python codebases.
  • Built a Java tool to construct Control Flow, Data Dependency, and Call Graphs, contributing to a comprehensive Code Property Graph for detecting vulnerabilities.
  • Specialized in analyzing software security for Python applications, identifying and categorizing taint-style vulnerabilities across different components.

Android Tester

Feedback Italia

March 2021 – July 2021

  • Designed and executed a comprehensive testing strategy for Feedback Italia’s Android app, delivering 50% faster test cycles and reducing time-to-market by 70%.
  • Cooperated with 1 student and with 2 members of the Android team to finalize the project in time.

Volunteering

Head of Social And Content Creation

IEEE-HKN Mu Nu Chapter

March 2022 – September 2022

  • Managed 4 advertising campaigns, with a focus on the highly successful ConnectyCity event campaign that resulted in selling 90% of available tickets.
  • Coordinated a team composed of 13 people and directed the work among the members of the area.
  • Formed collaborative partnerships with 4 different associations.

 

Member of Social And Content Creation Team

IEEE-HKN Mu Nu Chapter

October 2021 – March 2022

Practical skills: Photoshop, Canva, Adobe Illustrator.

Education

MSc in Computer Science

University of Illinois at Chicago

2022 – Expected August 2023

GPA 4.0

Focus on web development, AI, cyber security, software engineering and Android development. Master Thesis related to cyber security with focus on web security.

MSc in Computer Engineering

Politecnico di Torino

2021 – Present

Focus on concurrent programming, operating systems, software engineering, cyber security and web development.

Bachelor in Computer Science

Politecnico di Torino

2018 – 2021

Publications

Symposium on Vehicle Security and Privacy (VehicleSec) 2024 - Network and Distributed System Security (NDSS) Symposium

February 2024

  • Presented the development of OCPPStorm, a black box fuzzing tool that identified multiple critical vulnerabilities in OCPP implementations, leading to the discovery of CVEs and improved security for electric vehicle charging infrastructure.

Hard Skills
Python
Java
C
Web Security
OWASP
HTML
React
NoSQL
SQL
Android
Docker
GCP
Web development
Fuzzing
IAM
